Vulnerabilities > Hcltech
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-19 | CVE-2022-44754 | Out-of-bounds Write vulnerability in Hcltech Domino 9.0/9.0.1 HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. | 7.8 |
2022-12-19 | CVE-2022-44755 | Out-of-bounds Write vulnerability in Hcltech Notes 10.0.1/9.0.1 HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. | 7.8 |
2022-12-12 | CVE-2022-42446 | Incorrect Default Permissions vulnerability in Hcltech Sametime 12.0 Starting with Sametime 12, anonymous users are enabled by default. | 6.5 |
2022-11-04 | CVE-2022-38654 | Unspecified vulnerability in Hcltech Domino HCL Domino is susceptible to an information disclosure vulnerability. | 5.5 |
2022-11-04 | CVE-2022-38660 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Domino 9.0/9.0.1 HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. | 8.8 |
2022-11-01 | CVE-2020-4099 | Inadequate Encryption Strength vulnerability in Hcltech Verse 12.0.9 The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. | 7.5 |
2022-10-31 | CVE-2021-27784 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech HCL Launch Container Image 7.1.0.1 The provided HCL Launch Container images contain non-unique HTTPS certificates and a database encryption key. | 7.5 |
2022-09-22 | CVE-2021-27774 | Improper Input Validation vulnerability in Hcltech HCL Digital Experience 8.5/9.0/9.5 User input included in error response, which could be used in a phishing attack. | 5.4 |
2022-09-15 | CVE-2022-27561 | Cross-site Scripting vulnerability in Hcltech Traveler 10.0.0.0/12.0.1.0/12.0.1.1 There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf). | 4.8 |
2022-08-30 | CVE-2022-27560 | Insufficiently Protected Credentials vulnerability in Hcltech Versionvault Express 2.0.1/2.1.0 HCL VersionVault Express exposes administrator credentials. | 6.5 |